• Bytemeister@lemmy.world
      link
      fedilink
      Ελληνικά
      arrow-up
      6
      ·
      4 months ago

      As long as your phone is secure, and the manager only stores data locally, I’d say yes. I would still encourage you to have any “reset capable” accounts secured with a strong password and 2FA that is not in your PW manager.

      As with all things IT, there is a tradeoff between comfort/usability and security.

        • Bytemeister@lemmy.world
          link
          fedilink
          Ελληνικά
          arrow-up
          4
          ·
          edit-2
          4 months ago

          I can’t really endorse any one over the others. We use LastPass at my workplace, but they were compromised recently. I didn’t use the service though, still reset my passwords just in case.

          I would look for a manager that has a policy of transparency. Breaches happen, they are a fact of life. Both the systems being used, and the people using them are not infallible. I would be more comfortable with a service that notified me immediately when they were breached, and provided easy resolution. When LastPass was breached, they were extremely open about it, and notified their users. Plus, if you use a PW manager, it’s pretty easy to go back in all your services and update the passwords, since you have a list of them and a random PW generator easily accessible. It probably took most people less than an hour to recover.

    • Deepus@lemm.ee
      link
      fedilink
      arrow-up
      2
      ·
      4 months ago

      Yes, as long as your master password is strong and you again enable mfa